← voltar
CVE-2005-3330

CVE-2005-3330

EPSS 17.2%
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not properly handled by the fetch function.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/26424não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://marc.info/?l=bugtraq&m=113028858316430&w=2http://marc.info/?l=bugtraq&m=113062897231412&w=2http://secunia.com/advisories/17330http://secunia.com/advisories/17455http://secunia.com/advisories/17779http://secunia.com/advisories/17887http://securityreason.com/securityalert/117http://securitytracker.com/id?1015104https://exchange.xforce.ibmcloud.com/vulnerabilities/22874http://sourceforge.net/project/shownotes.php?release_id=368750http://sourceforge.net/project/shownotes.php?release_id=375385https://svn.ampache.org/branches/3.3.1/docs/CHANGELOG